What did the NordVPN hack expose?

According to NordVPN, the early-2018 incident left some parts of its users' search history unprotected – though the firm maintains that details such as activity logs, usernames and passwords remained secure thanks to its encryption protocols.

It added that the breach was confined to a single data center in Finland – meaning that just one of the "more than 3000 servers" it utilized was affected, in the firm's own words – and that it had since severed ties with the partner in question.

"The expired TLS key was taken at the same time the datacenter was exploited. However, the key couldn’t possibly have been used to decrypt the VPN traffic of any other server," NordVPN said in a statement.

The popularity of Virtual Private Networks has grown in recent years as web users look to secure their online activity from tracking by advertisers, governments, and other third-party organizations.